From 587eb952c62c3c876f9e67a07009df62c2abefdc Mon Sep 17 00:00:00 2001
From: Dmitry Sokol <sokoldv@ukr.net>
Date: Fri, 16 Jun 2023 12:23:50 +0300
Subject: [PATCH 1/2] Update twitch endpoints

Update endpoints for twitch OAuth flow and user info
---
 lib/passport-twitch/oauth2.js | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/lib/passport-twitch/oauth2.js b/lib/passport-twitch/oauth2.js
index 4ecb03e..d907997 100644
--- a/lib/passport-twitch/oauth2.js
+++ b/lib/passport-twitch/oauth2.js
@@ -42,8 +42,8 @@ var InternalOAuthError = require("passport-oauth2").InternalOAuthError;
  */
 function Strategy(options, verify) {
     options = options || {};
-    options.authorizationURL = options.authorizationURL || "https://api.twitch.tv/kraken/oauth2/authorize";
-    options.tokenURL = options.tokenURL || "https://api.twitch.tv/kraken/oauth2/token";
+    options.authorizationURL = options.authorizationURL || "https://id.twitch.tv/oauth2/authorize";
+    options.tokenURL = options.tokenURL || "https://id.twitch.tv/oauth2/token";
 
     OAuth2Strategy.call(this, options, verify);
     this.name = "twitch";
@@ -72,17 +72,18 @@ util.inherits(Strategy, OAuth2Strategy);
  * @api protected
  */
 Strategy.prototype.userProfile = function(accessToken, done) {
-    this._oauth2.get("https://api.twitch.tv/kraken/user", accessToken, function (err, body, res) {
+    this._oauth2.get("https://api.twitch.tv/helix/users", accessToken, function (err, body, res) {
         if (err) { return done(new InternalOAuthError("failed to fetch user profile", err)); }
 
         try {
             var json = JSON.parse(body);
+            var data = json.data[0];
 
             var profile = { provider: "twitch" };
-            profile.id = json._id;
-            profile.username = json.name;
-            profile.displayName = json.display_name;
-            profile.email = json.email;
+            profile.id = data.id;
+            profile.username = data.login;
+            profile.displayName = data.display_name;
+            profile.email = data.email;
 
             profile._raw = body;
             profile._json = json;

From 25b3e1c31e4382fb8c9f0923949ac480113f1117 Mon Sep 17 00:00:00 2001
From: Dmitry Sokol <sokoldv@ukr.net>
Date: Fri, 16 Jun 2023 13:18:50 +0300
Subject: [PATCH 2/2] Update oauth2.js

Add custom header to get user info and change Authorization method to Bearer
---
 lib/passport-twitch/oauth2.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/passport-twitch/oauth2.js b/lib/passport-twitch/oauth2.js
index d907997..ac7eefd 100644
--- a/lib/passport-twitch/oauth2.js
+++ b/lib/passport-twitch/oauth2.js
@@ -44,11 +44,11 @@ function Strategy(options, verify) {
     options = options || {};
     options.authorizationURL = options.authorizationURL || "https://id.twitch.tv/oauth2/authorize";
     options.tokenURL = options.tokenURL || "https://id.twitch.tv/oauth2/token";
+    options.customHeaders = options.customHeaders || { 'Client-Id': options.clientID };
 
     OAuth2Strategy.call(this, options, verify);
     this.name = "twitch";
 
-    this._oauth2.setAuthMethod("OAuth");
     this._oauth2.useAuthorizationHeaderforGET(true);
 }
 
@@ -84,6 +84,7 @@ Strategy.prototype.userProfile = function(accessToken, done) {
             profile.username = data.login;
             profile.displayName = data.display_name;
             profile.email = data.email;
+            profile.photo = data.profile_image_url;
 
             profile._raw = body;
             profile._json = json;